package weiyao.xinxidasai.config.Redis;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;

import org.springframework.beans.factory.annotation.Autowired;

import java.util.Arrays;
@Component
public class RequestValidator {
    @Autowired
    @Qualifier("sqlInjectionBloomFilter")
    private SqlInjectionBloomFilter sqlInjectionFilter;

    private static final Logger logger = LoggerFactory.getLogger(RequestValidator.class);
    public boolean isParameterValid(String parameter) {
        if (parameter == null) {
            logger.warn("检测到空参数请求");
            return false;
        }
        // 检查是否包含SQL注入关键词
        boolean isValid = !sqlInjectionFilter.containsInjection(parameter);
        if (!isValid) {
            logger.warn("参数拦截 - 非法输入: {}", parameter.substring(0, Math.min(parameter.length(), 50)));
        }
        return isValid;


    }

}